Europe Sees ‘Extraordinary’ Spike In DDoS Attack Power

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Data exclusively handed to TechWeek shows a significant rise in DDoS power in Europe, an area that hadn’t traditionally seen massive attacks

Figures shown exclusively to TechWeekEurope have revealed startling growth in distributed denial of service (DDoS) attack power in Europe, an area that had not traditionally seen the same levels of activity as others.

There have already been more attacks in 2013 over 20Gbps targeting destinations in Europe, the Middle East and Africa (EMEA) than in the whole of 2012, according to research from Arbor Networks.

DDoS boom

Attacks over 10Gbps in EMEA were up 23 percent from between 2011 and 2012, but already in 2013 it’s up 82 percent. So far this year, the average size of attacks has increased 84 percent, from 1.06Gbps in all of 2012 to 1.95Gbps in Q1 of 2013.

Arbor Networks DDoS stats

The data was taken from Arbor’s ATLAS initiatives, which takes data from over 250 global ISPs and from the company’s customer base.

According to Arbor’s Darren Anstee, Europe had not seen the same levels of DDoS traffic as other areas, especially the US and Asia, but now it was rapidly catching up.

Earlier this year, what was believed to be the biggest DDoS attack in history, at 309Gbps, was recorded at a Tier 1 networking organisation in the UK, in an attempt to knock anti-spam outfit Spamhaus offline. Prolexic later questioned the figures, but the Tier 1 networking provider involved said the reports were genuine.

Another anti-DDoS vendor Prolexic yesterday reported the biggest DNS reflection attack, where attackers spoof their IP, pretend to be the target, send lines of code to a DNS server, which then sends back large amounts of traffic to the victim.

The firm said it saw an attack at 167Gbps aimed at a financial exchange platform. The company reported in April DDoS power had jumped 718 percent quarter-over-quarter.

Anstee told TechWeek attackers had been collaborating to get attack sizes up. As DNS amplification attacks rely on open DNS resolvers, DDoSers have started sharing lists of these open servers so they know where to aim their code.

It is believed a major DDoS campaign on US banks, called Operation Ababil, is now turning its crosshairs on European financial institutions, whilst attack sizes are only expected to go up and surpass the Spamhaus hit.

John Stratton, president of Verizon Enterprise Solutions, which works at the Tier 1 networking level and offers security services, said financial services remain the number one target of DDoS attacks.

“It is extraordinary how the size of attacks has grown,” Stratton said. “It has grown by 40 or 50 times over the last nine months.”

What do you know about Internet security? Find out with our quiz!

Read also :